rsync from Ubuntu to Ubuntu as root, possible?
Felipe Figueiredo
philsf79 at gmail.com
Fri Jul 13 08:09:07 UTC 2007
On 7/12/07, Derek Broughton <news at pointerstop.ca> wrote:
> Felipe Figueiredo wrote:
>
> > On Thursday 12 July 2007 09:33:44 Derek Broughton wrote:
> >> Fajar Priyanto wrote:
> >>
> >> > Hi all,
> >> > I'm new to Ubuntu, and I'm aware that it's root account is not active
> >> > and that we should use sudo. But, I need to do an rsync from Ubuntu to
> >> > Ubuntu as root. Is it possible, or should I activate the root account?
> >> > Example:
> >> > sudo rsync -e ssh root at 10.0.0.19:/var/lib/samba /var/lib/samba
> >>
> >> It's hard to imagine the case where you would "need" to use root for an
> >> rsync. Generally speaking, we don't allow root to use ssh.
> >
> > Actually, Debian's default is to allow ssh for root. Ubuntu incorporates
> > it.
>
> Perhaps - I don't speak for Ubuntu. _We_ don't allow root to use ssh, and I
> think that's good security policy.
I neither understand or agree with debian's policy on this, nor why
ubuntu follows. IIRC, I read somewhere that deb-devels couldn't agree
on a consensus, and decided to go with upstream, which is allow root.
It seems a lot of heavy weigth devels (openssh, debian, ubuntu)
deciding it is safe enough to be left as default, as far as my tiny
security knowledge is concerned. Either way, since I don't need it, it
is part of my configuration issues to fix when first installing ssh
(along with allow X11 and agent forwarding and disabling hashes for
known hostnames).
Anyway, if it suits the OP, it's fine. I am also assuming, it's being
done on a LAN, secure from external attacks (based on the ip given).
He shouldn't need to make it permanent, anyway, unless it will be done
on a frequent basis.
Alternatively, of course, he could use a non-root account to do this,
if he can maintain that everything under that directory tree remain
with a constant group. He would then be able to put a particular user
in that group, put group read permissions for everything, and skip
root. Why haven't I suggested this earlier?
> > All the OP has to do, is enable a root password in the remote machine, and
> > use sudo in the local machine.
>
> Which, of course, is no better than doing it on his own machine.
I don't think I follow. I suggested enabling root login on only one
machine, instead of both. Is it the same for you to enable in both?
regards
FF
More information about the ubuntu-users
mailing list